Multiple high-severity vulnerabilities have been discovered in Amazon-owned Blink XT2 security camera systems, which if exploited could give attackers complete control over them. The internet of things (IoT) cameras (not to be confused with the Blink open-source browser engine), consist of a wireless camera and monitoring system for consumers. The flaws could enable attackers without access to the devices to view camera footage, listen to audio output and hijack the device for use in a botnet, Tenable researchers disclosed on Tuesday. Amazon has been notified of the flaws and has rolled out patches.

“Connected devices, like Blink cameras, are everywhere. Precisely for that reason, cybercriminals are focused on compromising them,” said Renaud Deraison, co-founder and CTO with Tenable, in a statement. “Manufacturers of IoT devices have an opportunity and an obligation to ensure that effective security is baked into the overall design from the start and not bolted on as an afterthought. This is especially critical when the device in question is a security camera.”

Overall, seven CVEs were disclosed in Blink. The most serious vulnerability is a command injection flaw stemming from the sync module update (CVE-2019-3984), which exists in Blink’s cloud communication endpoints for providing updates to devices or obtaining network information.

When checking for updates, the device first obtains an update helper script (sm_update) from the web, and then immediately runs the content of this script – but with zero sanitization. That means the update scripts that retrieve updates remotely feed data directly to “os.execute()”, without any validation.

“If an attacker is able to this request (either directly or indirectly - through some sort of DNS poisoning or hijacking), they can modify the contents of this response to suit their own needs or desires,” researchers said.

Researchers were able to hijack the DNS lookups for the “.server” variable on Blink’s sync modules, for instance, allowing them to hijack requests intended for “/fw/update_tls/” and return their own customized responses (such as “echo “Update hijacked.” & id”).

Researchers also discovered failed sanitization (CVE-2019-3989) in a function called “get_network()”, which exists in other helper scripts on the device. These are then fed directly to “os.execute” within /root/apps/connection/start_get_sm_update. External output received by the “get_networks()” function in /root/apps/auth_gen/auth_gen is not properly validated (before it’s fed directly to “os.execute()”), which could lead to remote code execution with root access, researchers said.
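
The pattern the researchers describe, external data concatenated into an os.execute() command line, shown beside a validated form. This is an added Lua example (os.execute() is Lua's standard shell-out call), not Blink's firmware code; the helper names, the /usr/bin/join_network path and the sample list are assumptions made for illustration.

```lua
-- Added example. Helper names and the binary path are hypothetical.

-- Unvalidated pattern: a value received from outside the device is
-- concatenated into the command line unchanged, so the shell parses it.
local function build_cmd_unsafe(value)
  return "/usr/bin/join_network " .. value
end

-- Allowlist check: 1 to 32 characters, limited to letters, digits,
-- space, underscore, dot and hyphen. Anything else is rejected.
local function is_valid_name(s)
  return type(s) == "string"
    and #s >= 1 and #s <= 32
    and s:match("^[%w _%.%-]+$") ~= nil
end

-- Defense in depth: wrap the value in single quotes so the shell treats
-- it as one literal word even if the allowlist is later loosened.
local function shell_quote(s)
  return "'" .. s:gsub("'", "'\\''") .. "'"
end

-- Hardened form: validate first, quote second, and fail closed.
local function build_cmd_safe(value)
  if not is_valid_name(value) then
    return nil, "rejected: value is outside the allowlist"
  end
  return "/usr/bin/join_network " .. shell_quote(value)
end

-- Constructed sample inputs. The second is the response string quoted
-- in the article; the others are made up for this example.
local samples = {
  "HomeWiFi-5G",
  'echo "Update hijacked." & id',
  "guest network_2.4",
}

for _, v in ipairs(samples) do
  local cmd, err = build_cmd_safe(v)
  print("input : " .. v)
  print("unsafe: " .. build_cmd_unsafe(v))
  print("safe  : " .. (cmd or err))
  -- A real caller would pass cmd to os.execute() only when it is non-nil.
end
```

Validation of this kind addresses values that become command arguments; it does not make it safe to execute an entire downloaded script, which is the sm_update case the article describes.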